Skip to content

build(deps): bump step-security/harden-runner from 2.13.2 to 2.15.1#3697

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/step-security/harden-runner-2.15.1
Closed

build(deps): bump step-security/harden-runner from 2.13.2 to 2.15.1#3697
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/step-security/harden-runner-2.15.1

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps step-security/harden-runner from 2.13.2 to 2.15.1.

Release notes

Sourced from step-security/harden-runner's releases.

v2.15.1

What's Changed

Full Changelog: step-security/harden-runner@v2.15.0...v2.15.1

v2.15.0

What's Changed

Windows and macOS runner support

We are excited to announce that Harden Runner now supports Windows and macOS runners, extending runtime security beyond Linux for the first time.

Insights for Windows and macOS runners will be displayed in the same consistent format you are already familiar with from Linux runners, giving you a unified view of runtime activity across all platforms.

Full Changelog: step-security/harden-runner@v2.14.2...v2.15.0

v2.14.2

What's Changed

Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See GHSA-cpmj-h4f6-r6pq for details.

Full Changelog: step-security/harden-runner@v2.14.1...v2.14.2

v2.14.1

What's Changed

  1. In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.

  2. Fixed npm audit vulnerabilities

Full Changelog: step-security/harden-runner@v2.14.0...v2.14.1

v2.14.0

What's Changed

  • Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.
  • Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.

Full Changelog: step-security/harden-runner@v2.13.3...v2.14.0

v2.13.3

What's Changed

  • Fixed an issue where process events were not uploaded in certain edge cases.

Full Changelog: step-security/harden-runner@v2.13.2...v2.13.3

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump step-security/harden-runner from 2.13.2 to 2.15.1
9517687 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.2 to 2.15.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@95d9a5d...58077d3)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.15.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 9, 2026
@dependabot dependabot bot mentioned this pull request Mar 9, 2026
Closed
@github-actions
Copy link

github-actions bot commented Mar 9, 2026

PR: #3697
Mode: squash
Topic: GH-vpp-3697
Change-Ids:
I2baf5173898145d66bada6d3a1936153bce9d644
Digest: c3ee02617c87
GitHub-Hash: 4b5786dc19616544

Note: This metadata is also included in the Gerrit commit message for reconciliation.

@github-actions
Copy link

github-actions bot commented Mar 9, 2026

Change raised in Gerrit by GitHub2Gerrit: https://gerrit.fd.io/r/c/vpp/+/45146

@github-actions
Copy link

github-actions bot commented Mar 9, 2026

Auto-closing pull request

@github-actions github-actions bot closed this Mar 9, 2026
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 9, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/github_actions/step-security/harden-runner-2.15.1 branch March 9, 2026 13:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants